<?php
session_start();
/**
 * template name: Temp Login
 * description: impletement drawing of user
 * @author Tham NN  date 26/12/14
 */
$login = -2;
$errors = array();
if (isset($_REQUEST['bt_login'])) {
    $user = new User();
    $data['username'] = $_POST['txt_email'];
    $data['password'] = $_POST['txt_password'];

    //check special character for prevent sql injection
    if (!preg_match('/[\'^£$%&*()}{#~?><>,|=_+¬-]/', $_POST['txt_email'])) {
        //if there have no specials characters

          $login = $user->get_user_buy_username_password($data); //check if users enter their account correctly 

        
    } else {
        // one or more of the 'special characters' found in $string
        $errors[] = 'Please enter valid characters';
    }
}
if($login == 1)
{
      wp_redirect(get_site_url() . '/update-profile/');
}
get_header();
?>
<div style="display: none;"><?php echo $login; ?></div>
<div class="content">
    <div class="container">
        <div class="box-main">
            <div class="row">
                <div class="col-md-9">
                    <div class="tab">
                        <a href="<?php echo get_site_url(); ?>">Home / </a> <?php echo $post->post_title ?> </div>
                    <h2><?php echo $post->post_title ?> </h2>
                    <br/>
                    <div class="text-content border-radius">
                        <?php /* .Noi dung trang Login . */ ?>

                        <div class="form-question frm_register">
                            <div  class="error_info">
                                <?PHP
                                if ($login <>  -2) {
                                    if ($login == 0) {
                                        echo 'Error: Email or password does not match';
                                    } else if ($login == -1) {
                                        echo 'Your account hasn\'t been activated.Please check your email again';
                                    }
                                }
                                ?>
                                <?php
                                if (count($errors) > 0) {
                                    ?>
                                    <ul>
                                        <?php foreach ($errors as $err) { ?>
                                            <li><?php echo $err; ?></li>
                                        <?php } ?>
                                    </ul>
                                    <?php
                                }
                                ?>
                            </div>
                            <div class="text-share">
                                <form method="post">
                                    <br/>
                                    <p>
                                        <label>Email</label>
                                        <input type="text"  id="txt_email" name="txt_email" />
                                    <p id="error_email" class="error_info"  ></p>
                                    </p>
                                    <br/>
                                    <p>
                                        <label>Password</label>
                                        <input type="password"  id="txt_password" name="txt_password" />
                                    <p id="error_passw" class="error_info"  ></p>
                                    </p> 
                                    <p class="contain-btn-login p_button_right">

                                        <button onClick="return checklogin();"  type="submit" name="bt_login"  id="bt_login"  class="button">
                                            LOG IN
                                        </button>
                                        <a onClick="return forgetpass();"  style="cursor:pointer;"  name="bt_forget"  id="bt_forget">Forgot Password?</a>
                                    </p>
                                </form>
                            </div>
                        </div>

                        <?php /* .Noi dung trang Login . */ ?>
                    </div>
                </div>
                <?php
                include_once 'right_single.php';
                ?>
            </div>
        </div>
    </div>
</div>

<?php get_footer(); ?>